What is a reverse proxy server and how does it work?. Does a reverse proxy server increase the server costs or does it help reduce the costs ?. This post is intented to explore the advantages and disadvantages of reverse proxy servers.
What is a Reverse Proxy Server
It is a server that intercept the traffic and route it to another server. A reverse proxy server is an intermediary server that forwards traffic or requests from multiple clients (web browsers) to different servers. This is done for many reasons which i'll list below.
Why use a Reverse Proxy
- Special IP Address Cases - Imagine you need a certain service and only one IP address is required or have to access the service but you have more than one site to have access to that service. You can setup the reverse proxy and all the sites points to that reverse proxy server (A or AAA record). The reverse proxy will then forwards requests to those origin servers (sub.example.com, sub2.example2.com).
- Security - The information concerning your app is not public so no malicious client can access it directly without passing through the more security hardened nginx server. The reverse proxies have features that protects the backend servers from DDos attacks.
- Load balancing - If you have a website with millions of user traffic everyday, a reverse proxy can be used to set up a load balancing, distributing the traffic to more than one server, all handling request for one site. When one of those servers fail, the other servers will still be up and running.
- Global Server Load Balancing (GSLB) - A website is distributed on several servers, and location determines which server to process the client request depending on client location.
- Scalability and Flexibility - Because there is only one public IP address, it's easy to change the backend configurations and architecture. A typical example is when deploying a load balance, you can scale the number of servers up and down depending on the needs.
- Easy Logging and Auditing - There is only one point of access, logging and auditing becomes easy and simple.
Another good reason for using Reverse Proxies is web acceleration.
- Compression - You can reduce the amount of bandwidth by compressing server responses using gzip.
- SSL Termination - When you have one server (no reverse proxy), the server is responsible for decrypting client requests and encrypting server responses, this process is expensive. So if you have a reverse proxy, the proxy server will take care of the decrypting and encrypting and free the backend server's resources.
- Caching - A reverse proxy stores a copy of server responses before it returns it to the client. When another client make the same request, it returns that same response it stored. So the proxy will be providing the response itself insteady of fowarding the traffic to the backend server.
Note: Cache validation is a hard thing if you have a dynamic sites, or one where the data changes frequently.
How does it work
It accepts a request from a client and forwards it to a server that can process it and fulfill the request. The reverse proxy then returns the server response to the client. The reverse proxy is the user/public facing server. That's where the domain name of the website or app is pointed to. And it usually sits behind a firewall in a private network and directs traffic to appropriate backend servers.
Are Reverse Proxies Cost Effective ?
Setting up a reverse proxy can either increase the server costs or reduce them depending on how you set it up.
Take it this way:
- A user request a 12KB image from sub.example.co.zw
- The reverse proxy used 12KB bandwidth to download the image from the the sub.example.co.zw server (the one with the site)
- Then another 12 KB bandwidth sending from the reverse proxy to the client (user browser)
However, you can containerise everything (reverse proxy server, and the individual sites servers) with docker. This way you only have one server instance and billed for that server instance only.